acme: add haproxy support
Signed-off-by: Wakatatsu Ryou <lialosiu@gmail.com>
This commit is contained in:
Wakatatsu Ryou
Rosen Penev
parent
440d3c0450
commit
98985a9561
1 changed files with 14 additions and 0 deletions
|
|
@ -20,6 +20,7 @@ DEBUG=0
|
||||||
NGINX_WEBSERVER=0
|
NGINX_WEBSERVER=0
|
||||||
UPDATE_NGINX=0
|
UPDATE_NGINX=0
|
||||||
UPDATE_UHTTPD=0
|
UPDATE_UHTTPD=0
|
||||||
|
UPDATE_HAPROXY=0
|
||||||
USER_CLEANUP=
|
USER_CLEANUP=
|
||||||
|
|
||||||
. /lib/functions.sh
|
. /lib/functions.sh
|
||||||
|
|
@ -153,6 +154,10 @@ post_checks() {
|
||||||
/etc/init.d/nginx restart
|
/etc/init.d/nginx restart
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -e /etc/init.d/haproxy ] && [ "$UPDATE_HAPROXY" -eq 1 ] ; then
|
||||||
|
/etc/init.d/haproxy restart
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -n "$USER_CLEANUP" ] && [ -f "$USER_CLEANUP" ]; then
|
if [ -n "$USER_CLEANUP" ] && [ -f "$USER_CLEANUP" ]; then
|
||||||
log "Running user-provided cleanup script from $USER_CLEANUP."
|
log "Running user-provided cleanup script from $USER_CLEANUP."
|
||||||
"$USER_CLEANUP" || return 1
|
"$USER_CLEANUP" || return 1
|
||||||
|
|
@ -187,6 +192,7 @@ issue_cert() {
|
||||||
local use_staging
|
local use_staging
|
||||||
local update_uhttpd
|
local update_uhttpd
|
||||||
local update_nginx
|
local update_nginx
|
||||||
|
local update_haproxy
|
||||||
local keylength
|
local keylength
|
||||||
local keylength_ecc=0
|
local keylength_ecc=0
|
||||||
local domains
|
local domains
|
||||||
|
|
@ -206,6 +212,7 @@ issue_cert() {
|
||||||
config_get_bool use_staging "$section" use_staging
|
config_get_bool use_staging "$section" use_staging
|
||||||
config_get_bool update_uhttpd "$section" update_uhttpd
|
config_get_bool update_uhttpd "$section" update_uhttpd
|
||||||
config_get_bool update_nginx "$section" update_nginx
|
config_get_bool update_nginx "$section" update_nginx
|
||||||
|
config_get_bool update_haproxy "$section" update_haproxy
|
||||||
config_get calias "$section" calias
|
config_get calias "$section" calias
|
||||||
config_get dalias "$section" dalias
|
config_get dalias "$section" dalias
|
||||||
config_get domains "$section" domains
|
config_get domains "$section" domains
|
||||||
|
|
@ -219,6 +226,7 @@ issue_cert() {
|
||||||
|
|
||||||
UPDATE_NGINX=$update_nginx
|
UPDATE_NGINX=$update_nginx
|
||||||
UPDATE_UHTTPD=$update_uhttpd
|
UPDATE_UHTTPD=$update_uhttpd
|
||||||
|
UPDATE_HAPROXY=$update_haproxy
|
||||||
USER_CLEANUP=$user_cleanup
|
USER_CLEANUP=$user_cleanup
|
||||||
|
|
||||||
[ "$enabled" -eq "1" ] || return
|
[ "$enabled" -eq "1" ] || return
|
||||||
|
|
@ -340,6 +348,12 @@ issue_cert() {
|
||||||
# commit and reload is in post_checks
|
# commit and reload is in post_checks
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -e /etc/init.d/haproxy ] && [ -w /etc/haproxy.cfg ] && [ "$update_haproxy" -eq "1" ]; then
|
||||||
|
cat "${domain_dir}/${main_domain}.key" "${domain_dir}/fullchain.cer" > "${domain_dir}/${main_domain}-haproxy.pem"
|
||||||
|
sed -i "s#bind :::443 v4v6 ssl crt .* alpn#bind :::443 v4v6 ssl crt ${domain_dir}/${main_domain}-haproxy.pem alpn#g" /etc/haproxy.cfg
|
||||||
|
# commit and reload is in post_checks
|
||||||
|
fi
|
||||||
|
|
||||||
post_checks
|
post_checks
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue